Adobe Document Cloud and General Data Protection Regulation (GDPR)

What is GDPR and how does it affect your business’s use of Document Cloud?

The General Data Protection Regulation (GDPR) is the European Union’s new privacy law that harmonizes and modernizes data protection requirements across the EU. While there are many new or enhanced requirements compared to previous EU privacy laws, the core underlying principles remain the same. The new rules have a broad definition of personal data and a wide reach, affecting any company that markets products and services to individuals in the EU. As your trusted Data Processor, we’re committed to helping you on your GDPR compliance journey.

GDPR readiness: A shared responsibility.

GDPR is a shared compliance journey, with the regulation setting out the obligations for the various parties. For Document Cloud users, the example below sets out the roles for enterprises and institutions (Data Controllers) technology providers (Data Processors) and the places where the Data Processor may need to help or partner with the Data Controller either through tools, processes, or documentation to help the Data Controller.

A strong foundation of security and privacy compliance.

We’ve implemented a set of certified security processes and controls called the Adobe Common Controls Framework to help protect the data entrusted to us. This framework helps us comply with several security and privacy certifications, standards, and regulations, including SOC 2, ISO 27001, and the EU-U.S. Privacy Shield.

Privacy by design

Adobe has a long-standing practice of incorporating proactive product development efforts, which means we think about privacy at the outset when it comes to our software lifecycle. This is also known as “privacy by design.”

Data transfer

We’ve certified to the EU-U.S. and Swiss-U.S. Privacy Shield frameworks for customer-related data. This provides our customers with the option of relying on these frameworks or entering into Standard Contractual Clauses (also known as EU Model Clauses) for the transfer of data from the EU to the U.S. You can find more information on this in our Privacy Center, along with information on how to request Standard Contractual Clauses.

Records of processing

We’re working to more formally document the privacy practices we have in place to comply with the enhanced record keeping requirements.

Data protection team

We currently have a chief privacy officer, an Irish data protection officer, and a dedicated privacy team, and will continue to evaluate whether we need to take any additional steps in light of the new requirements.

Product and process innovation

We are constantly listening to our customers and looking for ways to simplify and further automate our product and service offerings to better support their GDPR needs.

Adobe online services are available only to users 13 and older and require agreement to additional terms and the Adobe Privacy Policy. Online services are not available in all countries or languages, may require user registration, and may be discontinued or modified in whole or in part without notice. Additional fees or subscription charges may apply.

Asia Pacific

Internet Explorer is not supported before version 10.

This website no longer supports any Internet Explorer versions earlier than 10. We apologize for any inconvenience this may cause. If you’re experiencing issues on a later version of Internet Explorer, turn off Compatibility View and make sure that acrobat.adobe.com is not listed in your Compatibility View settings. We recommend upgrading your browser to the latest version by visiting the Internet Explorer Download Center, maintained by Microsoft.

You have selected an Acrobat Standard DC product that is only available for Windows.